fb81d6e8b03db5e77a3ef30496a34e45_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb81d6e8b03db5e77a3ef30496a34e45_JaffaCakes118
Size

19KB
MD5

fb81d6e8b03db5e77a3ef30496a34e45
SHA1

e3d3ab6fd823720901a0c3a7507e34f863694045
SHA256

17ea4d87ae8da53e61095790487d8f63d70bcc9dbde5e85c759f8e339e073540
SHA512

236f579c51b531568579b817a00e631dd6d386cd89d02f583c23ff8874222c3983a477195b9de811c7f93289365704a0bfee342729dcb2f5673d4d7616cf737d
SSDEEP

192:VH6t7BH8SCBZDX6r4mUOd6wjMBuGweaO87JAWEGSY/afkLtmhxMjyINmoz2Bj40h:VaH8Bkr4odPWAZJk1YafkVSzRlX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb81d6e8b03db5e77a3ef30496a34e45_JaffaCakes118

Files

fb81d6e8b03db5e77a3ef30496a34e45_JaffaCakes118
.dll windows:6 windows x86 arch:x86

28ef795089e4bb5366edf47b0a21004a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumResourceTypesA
lstrlenA
lstrcpyA
HeapAlloc
GetProcessHeap
LocalFree
SetLastError

wininet

ShowClientAuthCerts
IsHostInProxyBypassList
HttpSendRequestExA
GopherFindFirstFileW
FindNextUrlCacheEntryA
FtpGetCurrentDirectoryA
InternetGetCertByURL
GopherGetLocatorTypeA
ReadUrlCacheEntryStream
InternetGetLastResponseInfoA
SetUrlCacheConfigInfoW

comdlg32

PageSetupDlgW
ChooseFontW
ChooseFontA

msacm32

acmStreamUnprepareHeader
acmFormatTagDetailsW
acmDriverDetailsW
acmFormatChooseW

mpr

WNetAddConnection3A
WNetGetResourceParentA
WNetDisconnectDialog1A
WNetGetUserW
WNetGetResourceInformationA
WNetAddConnection2A
WNetAddConnectionW
WNetGetNetworkInformationA

wsnmp32

ord200
ord503
ord400
ord105

advapi32

RegDeleteKeyExA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExA
GetUserNameA
RegCloseKey
RegOpenKeyExA

msvcrt

sprintf
memcpy

Exports

Exports

yasrwqme

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28ef795089e4bb5366edf47b0a21004a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wininet

comdlg32

msacm32

mpr

wsnmp32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 7KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 304B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 304B